PHPackages abovesky/url-auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. abovesky/url-auth ActiveLibrary[Security](/categories/security) abovesky/url-auth ================= Generate a url with an expiration date and signature to prevent unauthorized access v1.0.3(8y ago)1211MITPHPPHP >=5.3.0CI failing Since Oct 18Pushed 5y ago1 watchersCompare [ Source](https://github.com/abovesky/url-auth)[ Packagist](https://packagist.org/packages/abovesky/url-auth)[ Docs](https://github.com/abovesky/url-auth)[ RSS](/packages/abovesky-url-auth/feed)WikiDiscussions master Synced 3d ago READMEChangelog (4)Dependencies (2)Versions (5)Used By (0) Create secured URLs with a limited lifetime =========================================== [](#create-secured-urls-with-a-limited-lifetime) This package can create URLs with a limited lifetime. This is done by adding an expiration date and a signature to the URL. ``` $urlAuth = new Md5('randomkey'); $urlAuth->sign('https://myapp.com', 30, 'days'); // => The generated url will be valid for 30 days ``` This will output an URL that looks like `https://myapp.com/?expires=xxxx&signature=xxxx`. Imagine mailing this URL out to the users of your application. When a user clicks on a signed URL your application can validate it with: ``` $urlAuth->validate('https://myapp.com/?expires=xxxx&signature=xxxx'); ``` Installation ------------ [](#installation) The package can installed via Composer: ``` composer require abovesky/url-auth ``` Usage ----- [](#usage) A signer-object can sign URLs and validate signed URLs. A secret key is used to generate signatures. ``` use abovesky\UrlAuth\Md5; $urlAuth = new Md5('mysecretkey'); ``` ### Generating URLs [](#generating-urls) Signed URLs can be generated by providing a regular URL and an expiration date to the `sign` method. ``` $expirationDate = (new DateTime)->modify('10 days'); $urlAuth->sign('https://myapp.com', $expirationDate); // => The generated url will be valid for 10 days ``` If an integer is provided as expiration date, the url will be valid for that amount of days. ``` $urlAuth->sign('https://myapp.com', 30, 'days'); // => The generated url will be valid for 30 days ``` ### Validating URLs [](#validating-urls) To validate a signed URL, simply call the `validate()` method. This will return a boolean. ``` $urlAuth->validate('https://myapp.com/?expires=1439223344&signature=2d42f65bd023362c6b61f7432705d811'); // => true $urlAuth->validate('https://myapp.com/?expires=1439223344&signature=2d42f65bd0-INVALID-23362c6b61f7432705d811'); // => false ``` Writing custom signers ---------------------- [](#writing-custom-signers) This packages provides a signer that uses md5 to generate signature. You can create your own signer by implementing the `abovesky\UrlAuth\iUrlAuth`-interface. If you let your signer extend `abovesky\UrlAuth\Base` you'll only need to provide the `createSignature`-method. Tests ----- [](#tests) The tests can be run with: ``` $ vendor/bin/phpspec run ``` License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE) for more information. ### Health Score 28 — LowBetter than 54% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity9 Limited adoption so far Community10 Small or concentrated contributor base Maturity61 Established project with proven stability Bus Factor1 Top contributor holds 77.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 4 Last Release 3129d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/0990e9870c200570a06f5da79b10752b281e630606e0346bb2bd6995b6fef32b?d=identicon)[abovesky](/maintainers/abovesky) --- Top Contributors [![abovesky](https://avatars.githubusercontent.com/u/5986216?v=4)](https://github.com/abovesky "abovesky (7 commits)")[![tu6ge](https://avatars.githubusercontent.com/u/4115242?v=4)](https://github.com/tu6ge "tu6ge (2 commits)") --- Tags urlsecurityencryptionsign ### Embed Badge ![Health badge](/badges/abovesky-url-auth/health.svg) ``` [![Health](https://phpackages.com/badges/abovesky-url-auth/health.svg)](https://phpackages.com/packages/abovesky-url-auth) ``` ### Alternatives [phpseclib/phpseclib PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. 5.6k434.8M1.3k](/packages/phpseclib-phpseclib)[defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[tilleuls/url-signer-bundle Create and validate signed URLs with a limited lifetime in Symfony 81340.1k](/packages/tilleuls-url-signer-bundle)[spatie/url-signer Generate a url with an expiration date and signature to prevent unauthorized access 4422.3M16](/packages/spatie-url-signer)[nzo/url-encryptor-bundle The NzoUrlEncryptorBundle is a Symfony Bundle used to Encrypt and Decrypt data and variables in the Web application or passed through URL 961.0M2](/packages/nzo-url-encryptor-bundle)[ass/xmlsecurity The XmlSecurity library is written in PHP for working with XML Encryption and Signatures 955.6M30](/packages/ass-xmlsecurity) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)